<?php
/**
 * content.inc.php
 */

// Direct-access guard: stop unless both IN_SITE and IN_ADMIN are defined
// (presumably by the admin entry script that includes this file).
if(!(defined('IN_SITE') && defined('IN_ADMIN'))) {
	exit('Access Denied');
}
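/**
 * Escape a keyword string and split it into terms.
 *
 * Quotes are backslash-escaped with addslashes() unless magic quotes already
 * did so, the characters "[", "_" and "%" are wrapped in square brackets, and
 * the result is split on single spaces when it contains any.
 *
 * NOTE(review): addslashes() is byte-oriented and unaware of the database
 * connection charset. The caller in this file converts the result to GBK
 * afterwards, so this is not a reliable SQL escape; escape after conversion
 * through the database layer (connection-aware escaping or bound parameters).
 *
 * NOTE(review): the bracket form is SQL Server LIKE syntax. MySQL's LIKE
 * treats "[" and "]" as ordinary characters and expects "\_" / "\%", so the
 * rewritten string no longer matches the literal text in "=" comparisons.
 * Left unchanged because callers outside this file may depend on the output.
 *
 * @param string $str Raw keyword text.
 * @return string|array Escaped keyword, or an array of escaped terms when the
 *                      input contains at least one space.
 */
function searchFilter($str) {
	// get_magic_quotes_gpc() was removed in PHP 8.0; calling it unconditionally
	// is a fatal error there, so only consult it where it still exists.
	$magicQuotesOn = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
	if(!$magicQuotesOn) {
		$str = addslashes($str);
	}

	// Bracket-wrap the wildcard characters. Replacements run in array order,
	// so "[" is handled before the brackets added for "_" and "%" appear.
	$str = str_replace(array('[', '_', '%'), array('[[]', '[_]', '[%]'), $str);

	// Several keywords: return them as a list.
	if(strpos($str, ' ') !== false) {
		return explode(' ', $str);
	}

	// Single keyword.
	return $str;
}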
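// Allowlist the requested operation; a missing or unknown $op falls back to 'list'.
// The comparison is strict so that a non-string value (for example integer 0, which
// compares loosely equal to any non-numeric string before PHP 8) cannot pass.
// NOTE(review): 'getnewcontent' and 'getshopname' are accepted here but have no case
// in the switch below, so they fall straight through to the template render.
$op = (isset($op) && in_array($op, array('list', 'add', 'edit', 'editsave', 'del', 'getsubcate', 'getnewcontent', 'getshopname', 'getdir', 'delattach', 'example'), true)) ? $op : 'list';

// Object returned by load('content.class.php'); the cases below use it as $c.
$c = load('content.class.php');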

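// Dispatch the admin "special" (topic page) operation selected by $op.
//
// NOTE(review): $page, $d, $dosubmit, $delsubmit, $contentid, $cid, $subcateid,
// $filepath, $filename, $type and $aid are not assigned in this file. The form field
// built below is named "d[subcateid]", so $d at least is form data. Every such value
// that is interpolated into SQL or a filesystem path needs casting/escaping through
// the DB layer and path validation unless the front controller already guarantees it.
// No anti-CSRF check is visible in this file for the state-changing operations
// (add, editsave, del, delattach) - confirm it is enforced upstream.
switch ($op) 
{
	case 'list':
		// NOTE(review): both results are overwritten by the manual query below. The call
		// is kept because getlist() may have side effects that are not visible here.
		$content = $c->getlist("AND special=1");
		$pageurl = $c->pages;

		$pagesize = 30;
		$where = " WHERE special=1";
		$order = " ORDER BY pubtime DESC";
		// intval() + max() force $page to a positive integer, so $offset and $limit
		// contain only numbers when interpolated into the query.
		$page = max(intval($page), 1);
		$offset = $pagesize*($page-1);
		$limit = " LIMIT $offset, $pagesize";
		$sql = "SELECT `contentid`, `title`, `editor`, `islink`, `url`, `pubtime`, `updatetime`, `status` FROM `{$tablepre}content` $where";
		// Total for the pager: runs the query without LIMIT and counts its rows.
		$num = $db->num_rows($db->query($sql));
		$sql .= " $order $limit";
		$content = $db->fetch_all($sql);
		$pageurl = multi($num, $pagesize, $page, "admincp.php?action=special&op=list");

		break;

	case 'add':
		if($dosubmit)
		{
			require_once SITE_ROOT.'include/upload.class.php';
			$dir = date('y').'/'.date('m');
			$savePath = SITE_ROOT."attachments/".$dir;
			// Upload the display image.
			// NOTE(review): file type/extension checks are left to the upload class,
			// which is not visible here - confirm it restricts what can be stored.
			if(!empty($_FILES['showimg']['tmp_name']))
			{
				$f = new upload("showimg", $savePath);
				$f->up();
				$img = $f->uploadedfiles;
				// Only record a path when the upload actually produced a file.
				if(!empty($img[0]['filepath']))
				{
					$d['showimg'] = $img[0]['filepath'];
				}
			}
			// Upload the special-topic banner.
			if(!empty($_FILES['bannerimg']['tmp_name']))
			{
				$f = new upload("bannerimg", $savePath);
				$f->up();
				$img = $f->uploadedfiles;
				if(!empty($img[0]['filepath']))
				{
					$d['banner'] = $img[0]['filepath'];
				}
			}
			$d['special'] = 1;
			$d['editor'] = $administrator['editor'];
			// Create the topic directory. The path is anchored at SITE_ROOT so that the
			// directory created is the same one the is_dir() check looks at.
			// NOTE(review): $d['filepath'] is form data and is used as a path segment
			// without validation; restrict it to a safe character set before $c->add().
			// NOTE(review): 0777 makes the directory world-writable; a tighter mode is
			// normally enough when the web server user owns it.
			if(!$d['islink'] && !is_dir(SITE_ROOT.'zt/'.$d['filepath'])){
				mkdir(SITE_ROOT.'zt/'.$d['filepath'], 0777);
				@chmod(SITE_ROOT.'zt/'.$d['filepath'],0777);
			}
			$contentid = $c->add($d);
			// tongji() is defined elsewhere; presumably records the action for statistics.
			tongji(7);
			// Generate the static page(s) for published content.
			if($d['status'])
			{
				$html = load('html.class.php');
				$html->zhuanti($contentid);
				// Array key quoted: a bare shopid is an undefined constant (an Error on PHP 8).
				if(!empty($d['shopid'])) $html->shop($d['shopid']);
			}
			if($contentid) showmessage('发布成功！继续发布。', '?action=special&op=add');
		}
		else
		{
			require_once SITE_ROOT.'admin/zhuanti.inc.php';
			$zhuanti_template_select = selectradio('', '', $zhuanti_select, '', 'option');
		}
		break;

	case 'edit':
		$content = $c->get($contentid);
		// Fetch the row from the special (secondary) table.
		// NOTE(review): $contentid is interpolated as-is; see the note above the switch.
		$special = $db->fetch_array($db->query("SELECT `headextend`, `banner`, `template`, `filepath`, `filename` FROM `{$tablepre}special` WHERE contentid='$contentid'"));

		// Load the available special templates.
		// NOTE(review): the 'add' case reads this list from admin/zhuanti.inc.php
		// instead - confirm which location is intended.
		require_once SITE_ROOT.'templates/default/zhuanti.inc.php';
		// Array key quoted: a bare template is an undefined constant (an Error on PHP 8).
		$zhuanti_template_select = selectradio('', '', $zhuanti_select, $special['template'], 'option');
		break;

	case 'editsave':
		if($dosubmit)
		{
			require_once SITE_ROOT.'include/upload.class.php';
			$dir = date('y').'/'.date('m');
			$savePath = SITE_ROOT."attachments/".$dir;
			// Upload the display image.
			if(!empty($_FILES['showimg']['tmp_name']))
			{
				$f = new upload("showimg", $savePath);
				$f->up();
				$img = $f->uploadedfiles;
				// Only record a path when the upload actually produced a file, so a
				// failed upload does not blank the stored value.
				if(!empty($img[0]['filepath']))
				{
					$d['showimg'] = $img[0]['filepath'];
				}
			}
			// Upload the special-topic banner.
			if(!empty($_FILES['bannerimg']['tmp_name']))
			{
				$f = new upload("bannerimg", $savePath);
				$f->up();
				$img = $f->uploadedfiles;
				// Replace the banner only after the new file is stored, so a failed
				// upload no longer deletes the existing one.
				if(!empty($img[0]['filepath']))
				{
					// $d['banner_old'] is form data: refuse values containing ".." so the
					// delete cannot leave the attachments directory, and anchor the path
					// at SITE_ROOT like the 'delattach' case does.
					if(!empty($d['banner_old']) && is_string($d['banner_old']) && strpos($d['banner_old'], '..') === false)
					{
						@unlink(SITE_ROOT.'attachments'.$d['banner_old']);
					}
					$d['banner'] = $img[0]['filepath'];
				}
			}
			$d['special'] = 1;
			$d['editor'] = $administrator['editor'];
			// Create the topic directory; path anchored at SITE_ROOT to match is_dir().
			// NOTE(review): same unvalidated $d['filepath'] and 0777 concerns as in 'add'.
			if(!$d['islink'] && !is_dir(SITE_ROOT.'zt/'.$d['filepath'])){
				mkdir(SITE_ROOT.'zt/'.$d['filepath'], 0777);
				@chmod(SITE_ROOT.'zt/'.$d['filepath'],0777);
			}
			$contentid = $c->edit($d);
			tongji(8);
			// Generate the static page(s) for published content.
			if($d['status'])
			{
				$html = load('html.class.php');
				$html->zhuanti($contentid);
				if(!empty($d['shopid'])) $html->shop($d['shopid']);
			}
			if($contentid) showmessage('修改成功！', "?action=special&op=edit&contentid=$d[contentid]");
		}
		break;

	case 'del':
		if($delsubmit)
		{
			// count($contentid) below implies $contentid may be a list of ids here.
			$cateid = $c->del($contentid);
			tongji(9,count($contentid));
			if($cateid) showmessage("删除成功！", "?action=special&op=list");
		}
		break;

	case 'getsubcate':
		// At file level, return ends this included file without rendering anything.
		if(empty($cid)) return false;
		$category = load("category.class.php");
		$subcate = $category->getsubcate($cid);

		// Start from an empty string so appending below does not read an undefined variable.
		$html = '';
		if(!empty($subcate))
		{
			$html .= '<select name="d[subcateid]" '.">\n";
			$html .= "<option value=\"\">---请选择子类---</option>\n";
			for($i=0; $i<count($subcate); $i++)
			{
				$selected = $subcate[$i]['cid'] == $subcateid ? 'selected="selected"' : '';
				// NOTE(review): cid and cname are written into HTML unescaped; encode them
				// for the GBK output context unless category names are trusted.
				$html .= "<option value=\"".$subcate[$i]['cid']."\" $selected>".$subcate[$i]['cname']."</option>\n";
			}
			$html .= '</select>';
		}
		header("Content-type: text/html; charset=GBK");
		exit($html);
		break;

	case 'getdir':
		// Availability check for a topic path: exits with '2' when the path/filename
		// pair exists, with '1' when $type==1 and the path exists; otherwise execution
		// continues past the switch.
		$filepath = $filepath ? trim($filepath) : '';
		$filename = $filename ? trim($filename) : '';
		// NOTE(review): searchFilter() returns an array when the value contains a space,
		// which iconv() cannot convert. It also escapes before the UTF-8 to GBK
		// conversion and bracket-wraps "_" and "%", so the strings compared with "="
		// below may differ from the stored values. Convert first, then escape through
		// the DB layer.
		$filepath = iconv('UTF-8', 'GBK', searchFilter($filepath));
		$filename = iconv('UTF-8', 'GBK', searchFilter($filename));
		$num = $db->result_first("SELECT count(contentid) FROM `{$tablepre}special` WHERE filepath='$filepath' AND filename='$filename'");
		if($num>0){
			header("Content-type: text/html; charset=GBK");
			exit('2');
		}
		if($type==1){
			$num = $db->result_first("SELECT count(contentid) FROM `{$tablepre}special` WHERE filepath='$filepath'");
			if($num>0){
				header("Content-type: text/html; charset=GBK");
				exit('1');
			}
		}
		break;

	case 'delattach':
		if(empty($aid)) return false;
		// NOTE(review): $aid is interpolated as-is into both queries; see the note above the switch.
		$filepath = $db->result_first("SELECT filepath FROM `{$tablepre}attach` WHERE aid='$aid'");
		// Only touch the filesystem when a stored path was found for this attachment.
		if(!empty($filepath))
		{
			@unlink(SITE_ROOT.'attachments'.$filepath);
		}
		$query = $db->query("DELETE FROM `{$tablepre}attach` WHERE aid='$aid'");
		$html = $query ? 'ok' : 'error';
		header("Content-type: text/html; charset=GBK");
		exit($html);
		break;

	case 'example':
		// Same lookup as the 'edit' case; $contentid is interpolated as-is.
		$special = $db->fetch_array($db->query("SELECT `headextend`, `banner`, `template`, `filepath`, `filename` FROM `{$tablepre}special` WHERE contentid='$contentid'"));
		break;
}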

// Load the category cache, rebuilding it first when the cache file is missing.
$cachefile = CACHE_PATH.'cache_category.php';
if(!is_file($cachefile))
{
	updatecache('category');
}
// '@' keeps the include quiet if the file is still absent after the rebuild.
@include $cachefile;
// $_SCACHE is not assigned in this file; presumably the cache file populates it.
$cate = $_SCACHE['category'];
// Render the admin template whose path admin_tpl("special") returns.
include admin_tpl("special");
?>